My Quicken was just flagged by Sentinel one and disabled

I tried to run quicken today and it was flagged and removed by Sentinelone. I can't use the software at all.

Answers

  • Sherlock
    Sherlock Member ✭✭✭✭
  • bmciance
    bmciance SuperUser ✭✭✭✭✭
    I don't know SentenelOne but it must have a way to whitelist an application to prevent it from disabling it. 
  • I don't have access to that it is a program from my job.
  • bmciance
    bmciance SuperUser ✭✭✭✭✭
    Is Quicken for your job?   If it is you need to check with your IT support. If not, that is probably why it was removed. 
  • Boatnmaniac
    Boatnmaniac SuperUser ✭✭✭✭✭
    edited January 2022
    (Deleted comment...redundant.)

    (Quicken Classic Premier Subscription: R54.16 on Windows 11)

  • Not disabled because of my Job. Job allows this. Was working up until update today.
  • NotACPA
    NotACPA SuperUser ✭✭✭✭✭
    You need to contact Tech Support at your job.  This isn't, really, a Quicken issue ... it's a Sentinel One issue as to why they started blocking Q.

    Q user since February, 1990. DOS Version 4
    Now running Quicken Windows Subscription, Business & Personal
    Retired "Certified Information Systems Auditor" & Bank Audit VP

  • bmciance
    bmciance SuperUser ✭✭✭✭✭
    But it is your security software that is removing it. Nothing Quicken can do about it. 

    When I worked we would have this happen to software that I installed as part of my job but because IT security hadn't white listed it the software was disabled until they did. You need to get your IT dept to do it. If Quicken was able to do it that wouldn't be a very good security program. 
  • Sherlock
    Sherlock Member ✭✭✭✭
    Not disabled because of my Job. Job allows this. Was working up until update today.
    The point is, if it is Sentinel One disabling Quicken and you want to use Quicken, Sentinel One needs to be changed so that it stops disabling Quicken.  If you haven't clue, contact your Job's IT support.
  • Zeno666
    Zeno666 Member ✭✭
    I The problem IS a Quicken problem. Quicken doesn't have a secure hash in their executable. That makes it look like a hacker wrote the program. Quicken needs to change that, so it won't get targeted by AI-based security software. AI software is the future - Norton is dead, I would never put Norton on my PC.
  • Greg_the_Geek
    Greg_the_Geek SuperUser ✭✭✭✭✭
    If it's a Quicken problem, why does no other AV software report it? I'm a long time Norton user and would never put AI-based security software on my PC. Why do you think it's called Artificial Intelligence?
    Quicken Subscription HBRP - Windows 10
  • NotACPA
    NotACPA SuperUser ✭✭✭✭✭
    [snip] Why do you think it's called Artificial Intelligence?
    Because it's not the real thing???  And, may, even be the opposite of the real thing???

    Q user since February, 1990. DOS Version 4
    Now running Quicken Windows Subscription, Business & Personal
    Retired "Certified Information Systems Auditor" & Bank Audit VP

  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    Zeno666 said:
    The problem IS a Quicken problem. Quicken doesn't have a secure hash in their executable. 
    Any program that requires all programs on a system to change the way they are created/installed/work so that it can ensure that they are "secure" is only going to work in an environment like the military where they control every single thing that you can install.

    In others, it won't work for any commercial products.
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • Zeno666
    Zeno666 Member ✭✭
    To Greg_the_Geek: I would never put Norton on my computer. Conventional AV is like a rootkit. Norton announced it will load cryptomining software as part of its package, and "share" the gains from the mining with the hapless user! What a great way to lose customers.

    The remark about Quicken lacking a secure hash is from the cybersecurity / data forensics firm that I hire for my network.

    This just happened again -- I opened Quicken and Sentinel One zeroed the software off my computer (not the data thank god). It is the third time this has happened. They whitelisted Quicken twice, but then Quicken changes again and the next time I open Quicken, whammo.
  • Boatnmaniac
    Boatnmaniac SuperUser ✭✭✭✭✭
    edited February 2022
    Zeno666 said:
    To Greg_the_Geek: I would never put Norton on my computer. Conventional AV is like a rootkit. Norton announced it will load cryptomining software as part of its package, and "share" the gains from the mining with the hapless user! What a great way to lose customers.
    When I read your post I said to myself, "No way would Norton do that!" but I stand corrected:  https://www.secureworld.io/industry-news/norton-crypto-miner-software.  Still it is important to note that "According to the company's FAQ: Norton Crypto page, Norton 360 will not mine crypto without permission from the user—though it is installed automatically—and that it is limited to devices that meet certain requirements, such as having an Nvidia graphics card with minimum 6 GB of memory.  It also says it creates a secure digital wallet for each user..."  I have not used Norton for many years but this does help ensure I will not return to using it for a very long time, if ever.
    That all being said, I agree with the others posting here that if there is only one AV program having an issue with Quicken, then it is highly likely that Quicken is not the problem, but is an issue with that one program.  And while I agree that AI is the future is it not foolproof now...way too many instances still occur where AI "misinterprets" data and draws incorrect "conclusions".  It's getting better and more reliable but it is very apparent to me that when it comes to AI the future is not yet fully reliable.

    (Quicken Classic Premier Subscription: R54.16 on Windows 11)

  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    Personally, I have always hated Norton, it is far to invasive, and my experience with it is that it caused way more problems than it solved.  In fact, it never really caught any virus for me, but definitely caused me tons of work to work around it.
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • Greg_the_Geek
    Greg_the_Geek SuperUser ✭✭✭✭✭
    That's funny, my experience with Norton has been the exact opposite. It's been the only AV software I ever saw stop a virus. To me, McAfee is totally useless and a waste of money.
    Quicken Subscription HBRP - Windows 10
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    Actually, I have a hate for most AV software because of fault positives not to mention interfering with installs and at times performance hits.  Windows Defenders is what I currently use and have found it to be "reasonable".

    At the heart of most AV software is just "pattern matching".  And as the number of viruses grows and the number of good programs grow those patterns start to converge more and more.  And so also because "failures to detect" and "being one step behind", they start going to things like "don't trust if it hasn't been downloading much" kind of things.

    You don't have to go very far to see the result.  Just look at this forum.
    When people have such conflicts, the workaround suggested is always turn off your AV software.

    When I was working at as a software programmer at a big company, we had times where builds would fail because the AV software would remove a file because it thought it was a virus.  The thing is that the file was source code, as in a text file.  It was impossible for it to be a virus, because you can't "run it".  But their "pattern matching" called it out as a virus.

    I also loved the fact that people would install some AV software and it would claim that if found 10,000 viruses, and they thought that was a good thing.  But in reality, they were all false positives!
    People would keep installing different AV software and getting different false positives and talk about how XXX was better than YYY because found more viruses.  Of course, these people never realized that they were in fact false positives.
    Signature:
    This is my website: http://www.quicknperlwiz.com/
  • Greg_the_Geek
    Greg_the_Geek SuperUser ✭✭✭✭✭
    I worked as a system administrator at a large software development company as well. We only used Symantec for our AV and I can't recall ever having source code being flagged as a false positive. Our course we never had to worry about our UNIX systems.   :D
    Quicken Subscription HBRP - Windows 10
  • Boatnmaniac
    Boatnmaniac SuperUser ✭✭✭✭✭
    That's funny, my experience with Norton has been the exact opposite. It's been the only AV software I ever saw stop a virus. To me, McAfee is totally useless and a waste of money.
    McAfee has several different products with differing levels of protection.  The most commonly sold one is Total Access which I'm not terribly impressed with.  I've been using Multi-Access (included with my Internet service subscription) for at least 10 yrs and a McAfee tech person told me it is one of their more comprehensive offerings.  It's not your typical watered down free version as it includes real-time scanning, website protection, firewall, scans files before opening, automatically checks for app updates for all apps, anti-spam for email, anti-keyboard logging, allows me to protect every device in my home network (up to 10 devices), speeds up apps, file shredder, removes cookies and trackers, ransomeware protection and a few other things.  Once a week I get a complete report of everything it detected and stopped/quarantined...including the occasional virus.  Fortunately, I have a lot of other security in place, too, and I'm very careful about what I download from the Internet and what email attachments I open (never used to be...had to learn the hard way) so I rarely have an issue with viruses and other malware but I can say for sure that I've been pretty impressed with it.
    And, yes, I've used Norton.  It's been a while but at the time I found little difference between it and McAfee. 

    (Quicken Classic Premier Subscription: R54.16 on Windows 11)

  • NotACPA
    NotACPA SuperUser ✭✭✭✭✭
    My knowledge of both Norton and McAfee go back to when I was in system's audit.  During that time, I had occasion to meet both Peter Norton and John McAfee, each of which has subsequently sold their namesake product.
    My impression of Peter Norton was that he was a systems scientist and held his products to the highest standards of professionalism.
    My impression of John McAfee was that he was a huckster/salesman who just barely understood what the product did. 
    I trusted Norton then, and I still do.
    I distrusted McAfee than, and I still do.

    Q user since February, 1990. DOS Version 4
    Now running Quicken Windows Subscription, Business & Personal
    Retired "Certified Information Systems Auditor" & Bank Audit VP

This discussion has been closed.